pinakes-server: add more integration tests

Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I7c6c8eaad569404c7a13cfa8114d84516a6a6964
2026-03-21 15:18:38 +03:00 · 2026-03-21 15:18:38 +03:00 · 30041c40c0
commit 30041c40c0
parent fd11b2b7c4
6 changed files with 517 additions and 1 deletions
--- a/crates/pinakes-server/tests/webhooks.rs
+++ b/crates/pinakes-server/tests/webhooks.rs
@ -0,0 +1,90 @@
+mod common;
+
+use axum::http::StatusCode;
+use common::{
+  get,
+  get_authed,
+  post_json_authed,
+  response_body,
+  setup_app,
+  setup_app_with_auth,
+};
+use tower::ServiceExt;
+
+// GET /api/v1/webhooks (viewer)
+
+#[tokio::test]
+async fn list_webhooks_requires_auth() {
+  let (app, ..) = setup_app_with_auth().await;
+  let response = app.oneshot(get("/api/v1/webhooks")).await.unwrap();
+  assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
+}
+
+#[tokio::test]
+async fn list_webhooks_viewer_ok() {
+  let (app, _, _, viewer_token) = setup_app_with_auth().await;
+  let response = app
+    .oneshot(get_authed("/api/v1/webhooks", &viewer_token))
+    .await
+    .unwrap();
+  let status = response.status();
+  let body = response_body(response).await;
+  assert_eq!(status, StatusCode::OK);
+  // No webhooks configured in test config: empty array
+  assert!(body.is_array(), "expected array, got: {body}");
+  assert_eq!(body.as_array().unwrap().len(), 0);
+}
+
+#[tokio::test]
+async fn list_webhooks_no_auth_disabled_ok() {
+  // Auth disabled (setup_app): viewer-level route still accessible
+  let app = setup_app().await;
+  let response = app.oneshot(get("/api/v1/webhooks")).await.unwrap();
+  assert_eq!(response.status(), StatusCode::OK);
+}
+
+// POST /api/v1/webhooks/test (editor)
+
+#[tokio::test]
+async fn test_webhook_requires_editor() {
+  let (app, _, _, viewer_token) = setup_app_with_auth().await;
+  let response = app
+    .oneshot(post_json_authed(
+      "/api/v1/webhooks/test",
+      "{}",
+      &viewer_token,
+    ))
+    .await
+    .unwrap();
+  assert_eq!(response.status(), StatusCode::FORBIDDEN);
+}
+
+#[tokio::test]
+async fn test_webhook_no_dispatcher_returns_ok() {
+  // No webhook dispatcher in test setup; route should return 200 with
+  // "no webhooks configured" message rather than erroring.
+  let (app, _, editor_token, _) = setup_app_with_auth().await;
+  let response = app
+    .oneshot(post_json_authed(
+      "/api/v1/webhooks/test",
+      "{}",
+      &editor_token,
+    ))
+    .await
+    .unwrap();
+  // Either OK or the route returns a structured response about no webhooks
+  assert!(
+    response.status() == StatusCode::OK
+      || response.status() == StatusCode::BAD_REQUEST
+  );
+}
+
+#[tokio::test]
+async fn test_webhook_requires_auth() {
+  let (app, ..) = setup_app_with_auth().await;
+  let response = app
+    .oneshot(post_json_authed("/api/v1/webhooks/test", "{}", "badtoken"))
+    .await
+    .unwrap();
+  assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
+}